Privacy Policy

1. Who We Are

New York Computer Forensics ("NYCF," "we," "our," or "us") is a division of Global Digital Forensics and operates the website newyorkcomputerforensics.com. NYCF provides digital forensic analysis, eDiscovery, penetration testing, breach response, and expert witness services to attorneys, businesses, and individuals in New York and across the United States.

For the purposes of the General Data Protection Regulation (GDPR), Global Digital Forensics is the data controller for personal data collected through this website. For the purposes of the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), Global Digital Forensics is the business responsible for the personal information we collect and process.

Data Protection Contact:
New York Computer Forensics, a division of Global Digital Forensics
Privacy Office
Email: info@newyorkcomputerforensics.com
Phone: (212) 561-5860

2. Data We Collect

We collect personal data in the following categories:

2.1 Contact and Inquiry Data

When you submit a contact form, request a consultation, or send us an email, we collect:

• Your name
• Your email address
• Your phone number (if provided)
• Your company or organization name (if provided)
• The content of your message or inquiry

2.2 Usage and Technical Data

When you visit newyorkcomputerforensics.com, our web hosting and analytics infrastructure may collect:

• Your Internet Protocol (IP) address
• Browser type and version
• Operating system
• Pages visited and time spent on each page
• Referring URLs (the page you came from)
• Date and time of your visit
• Device type (desktop, mobile, tablet)

2.3 Cookie Data

We use cookies and similar tracking technologies. Please see our Cookie Policy for a full description of the cookies we use, their purposes, and how to control them.

2.4 Data You Provide in the Course of an Engagement

If you retain NYCF for forensic analysis, eDiscovery, or cybersecurity services, we will collect additional information as necessary to fulfill the engagement. That data is governed by a separate engagement agreement and, where applicable, a data processing agreement.

2.5 Data We Do Not Collect

We do not intentionally collect sensitive personal data (special categories under GDPR) through this website. We do not sell personal information. We do not collect financial payment information directly; payments are processed by third-party payment processors subject to their own privacy policies.

3. Legal Bases for Processing (GDPR Article 6)

For visitors and clients located in the European Economic Area (EEA) or the United Kingdom, we rely on the following legal bases under Article 6 of the GDPR:

Where we rely on legitimate interests, you have the right to object. See Section 8 for how to exercise your rights.

4. How We Use Your Data

• To respond to your inquiries and provide the information or services you request
• To deliver forensic analysis, eDiscovery, and cybersecurity services to clients
• To send engagement-related communications (quotes, status updates, reports)
• To maintain the security and functionality of our website
• To analyze website usage and improve our site's content and performance
• To comply with applicable laws, regulations, and court orders
• To establish, exercise, or defend legal claims

We do not use personal data for automated decision-making or profiling that produces legal or similarly significant effects.

5. How We Share Your Data

We do not sell personal information. We do not share personal information with third parties for their own marketing purposes. We share data only in the following limited circumstances:

5.1 Service Providers

• Web hosting providers (servers and infrastructure that host newyorkcomputerforensics.com)
• Analytics providers (website usage measurement, subject to your consent)
• Email and communication platforms (used to receive and respond to inquiries)
• Payment processors (for billing, if applicable to your engagement)

All service providers are bound by data processing agreements restricting use to providing services to us.

5.2 Legal and Safety Disclosures

We may disclose personal data when required by law, court order, subpoena, or other governmental authority. We may also disclose data to protect the safety, rights, or property of NYCF, Global Digital Forensics, our clients, or the public.

5.3 Parent Organization

As a division of Global Digital Forensics, we may share data within the Global Digital Forensics organization where necessary to deliver services or fulfill our obligations. All such sharing is subject to appropriate data protection agreements.

5.4 Business Transfers

In the event of a merger, acquisition, or sale of all or a portion of our assets, personal data may be transferred as part of that transaction. We will notify affected individuals if such a transfer results in a material change in how their data is used.

6. Data Retention

When the retention period expires, data is securely deleted or anonymized so it can no longer be linked to you.

7. International Data Transfers

New York Computer Forensics and its parent organization Global Digital Forensics are headquartered in the United States. If you are located in the EEA, UK, or another jurisdiction with data transfer restrictions, your personal data may be transferred to, stored in, and processed in the United States.

Where we transfer EEA or UK personal data to the United States, we rely on the following safeguards as applicable:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• The UK International Data Transfer Agreement (IDTA) for transfers from the United Kingdom
• Your explicit consent for transfers where required

You may request a copy of the relevant safeguards by contacting us at info@newyorkcomputerforensics.com.

8. Your Rights Under GDPR

If you are located in the EEA or the United Kingdom, you have the following rights under the GDPR (or UK GDPR):

To exercise any of these rights, visit our Privacy Rights Portal or contact us at info@newyorkcomputerforensics.com. We will respond within 30 days of receiving a verifiable request.

9. Your Rights Under CCPA/CPRA (California Residents)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

9.1 Right to Know

You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources from which it was collected, the business or commercial purpose for collecting it, and the categories of third parties with whom we share it.

9.2 Right to Delete

You have the right to request deletion of personal information we have collected about you, subject to certain exceptions (such as retaining data needed to complete a transaction you requested, for security purposes, or to comply with a legal obligation).

9.3 Right to Correct

You have the right to request correction of inaccurate personal information we maintain about you.

9.4 Right to Opt Out of Sale or Sharing

You have the right to opt out of the sale or sharing of your personal information for cross-context behavioral advertising. NYCF does not sell personal information and does not share personal information for cross-context behavioral advertising. You may still submit a formal request via our Privacy Rights Portal.

9.5 Right to Limit Use of Sensitive Personal Information

You have the right to direct us to limit our use of any sensitive personal information we collect to purposes necessary to provide the services you request. NYCF does not collect sensitive personal information through this website beyond what is necessary to respond to your inquiry.

9.6 Right to Non-Discrimination

NYCF will not discriminate against you for exercising any of your CCPA/CPRA rights. We will not deny you services, charge you different prices, or provide a lower quality of service because you exercised a privacy right.

9.7 Submitting a CCPA Request

To submit a CCPA/CPRA request, use our Privacy Rights Portal, email us at info@newyorkcomputerforensics.com with the subject line "CCPA Rights Request," or call us at (212) 561-5860. We will respond within 45 calendar days of receiving a verifiable consumer request. We may extend this period by an additional 45 days where necessary, with written notice.

9.8 Authorized Agents

You may designate an authorized agent to submit a CCPA/CPRA request on your behalf. Authorized agents must provide written proof of authorization, and we may require you to verify your identity directly with us before processing the request.

10. Do Not Sell or Share My Personal Information

NYCF does not sell personal information as defined under the CCPA/CPRA, and we do not share personal information with third parties for cross-context behavioral advertising.

If you wish to submit a formal opt-out request, you may do so through our Privacy Rights Portal or by contacting us at info@newyorkcomputerforensics.com.

California residents may also use the opt-out preference signal (Global Privacy Control) to communicate their preference. We honor GPC signals received from your browser.

11. Cookies and Similar Technologies

We use cookies and similar technologies to operate and improve our website. Cookie categories include:

• Strictly Necessary: Required for core website functionality and security. These cannot be disabled.
• Analytics and Performance: Help us understand how visitors use our site. Set only with your consent.
• Marketing and Advertising: Used to deliver relevant advertising. Set only with your explicit consent.

For a full list of cookies, their purposes, and instructions on how to control them, please see our Cookie Policy.

12. Data Security

NYCF takes data security seriously. We implement administrative, technical, and physical safeguards appropriate to the sensitivity of the data we hold, including encryption of data in transit (HTTPS/TLS), access controls, regular security assessments, and incident response procedures. No method of transmission over the internet is 100% secure; while we take commercially reasonable measures to protect your data, we cannot guarantee absolute security.

13. Children's Privacy

The newyorkcomputerforensics.com website is directed to business and legal professionals and is not intended for individuals under the age of 16. We do not knowingly collect personal data from anyone under 16. If you believe we have inadvertently collected data from a minor, please contact us at info@newyorkcomputerforensics.com and we will promptly delete it.

14. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of those sites and encourage you to review their privacy policies before providing any personal data.

15. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the "Last Updated" date at the top of this page. Where required by applicable law, we will notify you by email or by a prominent notice on our website.

16. Contact Us

If you have questions or concerns about this Privacy Policy, or wish to exercise your data rights, please contact us:

• Email: info@newyorkcomputerforensics.com
• Phone: (212) 561-5860
• Privacy Rights Portal: newyorkcomputerforensics.com/privacy-rights.html

For EEA residents: If you are not satisfied with our response, you have the right to lodge a complaint with your local supervisory authority.

For UK residents: You may contact the Information Commissioner's Office (ICO) at ico.org.uk.